This policy template communicates the company’s commitment to information security and outlines the systems it has in place to control access to controlled information and information security equipment.

The policy covers systems such as: -

• The management of user accounts
• The management of access to systems and secure areas
• The responsibilities of users to ensure information security

The policy has relevance for and can be used to contribute towards an ISO 27001:2022 compliant management system. 

The information classification label on this policy is [Public].